After Apple released its iOS 14 developer beta for iPhone last week, it became clear that some of the popular iOS apps read your clipboard data.
This problem first appeared in March, when researchers noticed that Tommy Mysk and Talal Hak Bakyr, especially TikTok and many other applications, which have become very popular recently, regularly call data from the iOS and iPadOS dashboard even if you are not in the text input box. As stated in a recent report by Ars Technica, this could potentially include Bitcoin addresses and other financial information.
In the beta version of iOS 14, users now receive a warning that another application can copy data from the clipboard. As shown in a video that went viral on Twitter last week, data not pasted by the user can appear in third-party apps.
Apple uses the “Universal Clipboard” feature on their devices such as iPhone, iPad and Mac. If the devices that are logged in with the same Apple ID are close to each other, if you want to paste something from one device to another, the clipboard data can be read from other devices.
Given all this, an annoying situation can arise for your passwords, Bitcoin addresses or other sensitive information. Even if most of the important apps detected don’t use the functionality maliciously, the presence of this feature is large enough to doubt the security of data in iOS.
In their reviews, Mysk and Haj Bakry stated that after TikTok, with an estimated 800 million users, more than 50 apps such as The New York Times, Fox News, Bejeweled, PUBG Mobile, AccuWeather and Hotels.com have this problem.
After the report, a TikTok representative stated that an updated version of the application without clipboard callback feature was sent to the App Store for approval, and soon the callback feature from TikTok will be turned off.